Key TakeawaysNew macOS Stealer: Reaper targets Apple users by spoofing major tech brands, including Apple, Microsoft, and Google, to steal credentials.Sophisticated Evasion Tactics: The malware…

Key TakeawaysMassive data breach: Hackers compromised the records of at least 1.8 million individuals.Extended unauthorized access: Attackers accessed the network from November 2025 to February…

Key TakeawaysOperational Disruption: Law enforcement apprehended over 200 individuals and decommissioned more than 50 malicious servers.Victimology and Suspect Profiles: The 13-nation operation identified almost 4,000…

Key TakeawaysAttack volume drops: Total mobile attacks decreased, but unique user targeting remained stable.Banking Trojans surge: Malicious installation packages increased by half quarter-over-quarter.Emerging mobile threats:…

Key TakeawaysRapid cloning: The first Shai-Hulud worm clones appeared days after TeamPCP released the source code.Malicious packages: Security researchers identified four malicious NPM packages with…

Key TakeawaysIRGC propaganda: A law enforcement operation identified and disrupted the IRGC's online presence used to spread propaganda, recruit supporters, and raise funds.Operation span: The…

Key TakeawaysConfirmed token compromise: Grafana officially disclosed that an unauthorized party accessed its GitHub environment.Codebase extortion attempt: The unnamed threat actors successfully downloaded the company's…

Manny Ataebi – Cerby Manny Ataebi has been appointed as Chief Marketing Officer at identity security company Cerby after spending the last three years in…

The week’s incidents show cybercrime becoming faster and quieter, with supply chain attacks targeting developer ecosystems because compromising one package can spread malware to thousands…

Key TakeawaysCanada Bill C-22 surveillance law: Windscribe may exit Canada if forced to log user metadata for compliance.Industry reaction: Signal and Windscribe oppose bill, citing…

Key TakeawaysUtah age verification VPN liability law: Websites held responsible when users bypass age checks using VPN location masking.Enforcement difficulty: VPN detection remains unreliable, as…

Key TakeawaysAndroid 16 VPN vulnerability: Researchers claim apps can bypass VPN tunnels and expose users’ real IP addresses.Google response: Google reportedly marked the Android 16…

Key TakeawaysIndictment returned: A federal grand jury charged two Pakistani men and one Indian man in relation to dark web narcotics trafficking.Dark web operations: Defendants…

Key TakeawaysTargeted Phishing Attack: Russian hackers targeted over 13,500 Signal users in an extensive espionage operation.Automated Compromise System: The ApocalypseZ infrastructure facilitated bulk account hijacking…

Key TakeawaysTargeted sectors: Operations focused on South Korean entities, alongside defense targets in Brazil and Germany.Malware variants: Threat actors deployed HelloDoor, httpMalice, MemLoad, httpTroy, AppleSeed,…

Key TakeawaysNew campaign: ESET researchers have identified Ghostwriter conducting targeted operations against Ukrainian governmental entities.Malicious payload delivery: Threat actors deployed PicassoLoader and a Cobalt Strike…

Key TakeawaysData security: OpenAI states that there is no evidence that user data or intellectual property was accessed.Impacted devices: Two corporate employee devices were affected…

Key TakeawaysGlobal scope: Iran-linked APT MuddyWater hit almost 10 organizations across four continents in Q1 2026, among which is an unnamed electronics maker.DLL sideloading: The…

Key TakeawaysUnverified breach claims: TeamPCP alleges the successful extraction and sale of Mistral AI and Mistral Solutions corporate data.Data volume reported: The threat actor claims…

Key TakeawaysIran internet blackout women: collapse of online livelihoods across Iran: Internet shutdowns cripple women-led businesses, eliminating income from online platforms and informal digital work…